CISM: Incident Response Procedure
25 Questions

1. The information security manager has noted a security breach. What should be their immediate course of action?
2. Once the security incident has been confirmed, what should be the next task of the security manager?
3. After confirming the security breach related to customer data, the security manager should notify who first?
4. In which of the following processes does the incident response team address the root cause?
5. Escalation guidelines are mostly derived from which of the following?
6. What is the most important factor for identifying security incidents early?
7. The incident escalation process should primarily state what?
8. What is the main objective of the senior manager reviewing the security incident’s status and procedures?
9. Which of the following is the most effective way to address the network-based security attacks that are generated internally?
10. The response team noted that the investigation of an incident cannot be completed within the timeframe. What should be their next action?
11. The efficiency of the incident response team can be best improved by which of the following?
12. What is the best way to determine the effectiveness of the incident response team?
13. The members of the organization’s information security response team are determined by which of the following?
14. Who should be notified immediately when a vulnerability is discovered in a web server?
15. Which of the following is the most important factor for identifying a security incident promptly?
16. What is the most effective way of training the members of a newly established incident management team?
17. The security manager has noted a serious vulnerability in the installed firewall. What should be their next course of action?
18. The security manager has noted that confidential human resource data is accessible to all the users of the human resource department. What should be their first step?
19. What is the most effective metric to justify the establishment of an incident management team?
20. What is the best metric to determine the readiness of the incident response team?
21. What is the main objective of the incident response plan?
22. The security manager received a report about a customer database being breached by a hacker. What should be their first step?
23. The security manager has noted that if a server fails for 3 days, it could cost the organization $100,000; that is, two times more than if it could be recovered in 1 day. This calculation is arrived at from which of the following?
24. Using the triage phase of the incident response plan, a security manager can determine what?
25. What is the relevance of slack space during an incident investigation?